Last week, a federal appeals court upheld an FCC ruling that requires Internet phone service providers like Vonage to provide law enforcement agencies with the ability snoop on customer communications. The FCC’s ruling will force VoIP providers into compliance with the same regulatory policies currently applied to conventional phone services under the Communications Assistance for Law Enforcement Act (CALEA).
The FCC’s decision has been challenged by universities that are concerned about the costs (potentially as high as several hundred dollars per student) and challenges associated with implementing technology that facilitates remote wiretaps. Critics have also challenged the necessity of remote wiretapping mechanisms for VoIP, pointing out that law enforcement agents can already install whatever snooping mechanisms they want on-site if they have the proper warrant. Privacy advocates argue that expanding CALEA to digital information services will make it easier for the federal government to tie Internet phone communications into its existing automated domestic surveillance systems.
The ruling is somewhat surprising, since CALEA itself clearly states that information service providers are exempt. Last month, when FCC lawyer Jacob Lewis argued that broadband providers should be required to conform with CALEA because their Internet voice communication services are distinct from their data services, Judge Harry Edwards responded with derision. Edwards dismissed the FCC’s interpretation of CALEA as “nonsense” and “gobbledygook.”
In the official ruling, Judge David Sentelle wrote that "CALEA expressly provides that the commission may extend the definition of a telecommunications carrier," and that the FCC "offered a reasonable interpretation" of the law. Judge Edwards dissented from the ruling, writing that CALEA "does not give the FCC unlimited authority to regulate every telecommunications service that might conceivably be used to assist law enforcement." To the relief of most American universities, the court also ruled that private networks—particularly those at universities—are not covered by CALEA.